This ‘What Every Manager Should Know About’-series is intended for managers whose businesses have to disclose (or feel the need or pressure to disclose) non-financial information. The needs or pressures to disclose non-financial information are manifold. Regulatory compliance such as EU directive 2014/95/EU, NGO pressure, ESG-risk management, demands from investors, and many other factors can all be reasons for a firm to start on a journey of non-financial reporting. Different non-financial topics have in common that they arguably feel unfamiliar to business managers who are trained to mainly think in financial terms. Now that the business case for non-financial reporting is well established (see The Business Case for Non-Financial Reporting), it is time for managers to familiarize themselves with the non-financial aspects of their business operations. In this series, I covered climate change, human rights, new governance, and corruption and bribery. Of course, these merely scratch the surface of non-financial aspects. The range of topics discussed, however, allow us to draw a number of general recommendations that will help you make a plan for implementing non-financial disclosure for your organization. After summarizing these general recommendations, pulled from previous posts in this series, I offer you an additional important point for consideration: which organization function should ultimately be responsible for non-financial reporting?
What we can take from previous posts in this series
- Non-financial reporting is tied to risk management. The first thing that you should be aware of is that non-financial reporting is closely tied to environmental, social, and governance (ESG) risk management. Focusing on non-financial aspects will tell you much about the risks your firm is facing in these non-financial areas. In the post on climate change for example, the case was made that focusing on climate change offers your firm the chance to gauge asset and infrastructure risk, price and yield risk, government regulation risk, and reputational risk. Reputational risk was also discussed in relation to human rights. Not adhering to human rights principles, can furthermore lead to risks of disruption in your supply chain because of strikes, bad quality of products, or drops in productivity for example. Managing governance or anti-corruption (discussed in two other posts) in an insufficient manner can lead to anything from reputational risk, to profitability risk, to ultimately risking your firm’s license to operate.
- Involving stakeholders is key. In the post on governance, we saw that both an explosion of advocacy groups since the 1970’s and increasing globalization lead to ever more importance and influence of a multitude of stakeholders on your business operations. It makes sense to involve your most important stakeholders when you select the most material non-financial topics for your reporting effort.
- Don’t reinvent the wheel and use existing guidelines, certification schemes and overarching (inter)national policy goals. A number of authoritative sources for your ESG-policies are readily available. Posts in this series referred to, among others, the OECD Principles of Corporate Governance, the UN Guiding Principles on Human Rights, and the Anti-Corruption Ethics and Compliance Handbook for Business drafted by the UN and World Bank. In the environmental realm, there is a plethora of multi-stakeholder initiatives that can help your business implement proper policies. For example, WWF endorses a number of multi-stakeholder initiatives, such as the Forest Stewardship Council (FSC) for wood and other forest products, Marine Stewardship Council (MSC) for seafood, the Roundtable on Sustainable Palm Oil (RSPO), the Roundtable on Responsible Soy (RTRS) and the Better Cotton Initiative (BCI). Multiple actors offer tools to help you pick the certification scheme that fits the needs and demands of your business, focusing on social, environmental and governance elements. Beyond certification, your company should be aware of overarching goals set by for example the United Nations (see the Sustainable Development Goals) and governments (see for instance the Dutch push for a circular economy in 2050 which is, in turn, based on an action plan for a circular economy drafted by the EU). Aligning your efforts with those grander (inter)national schemes will help structure your message to stakeholders.
- Use a step-by-step implementation plan for your ESG-policies. In both the post on human rights and the post on governance, an 8-step approach to implement a policy on any ESG-topic in your company’s operations (including your supply chain) was proposed:
1) Analyze and prioritize. First, perform a risk analysis and determine where your priorities need to be.
2) Engage stakeholders. Engage widely with stakeholders and formalize the dialogue. The engagement should lead to a decision on a compliance strategy: a code of conduct or certification scheme that has the support of your stakeholders.
3) Select suppliers. Select suppliers that are willing to work together on your priority ESG-topics and are willing to work towards compliance with your targets.
4) Develop KPIs & implement processes and policies. Develop KPIs together with suppliers and other stakeholders. Important: do not forget to design and implement processes, policies and systems that can actually deliver on your KPIs.
5) Evaluate. Evaluate your (and your suppliers) efforts on a regular basis. Follow-up frequently to see if expectations are being met and evaluate progress.
6) Enhance performance. Use supplier development strategies to enhance performance. Implement collaboration and training programs at the supplier, invest in assets, or offer technical and (potentially) financial assistance. Informal evaluations and audits could encourage suppliers to take initiative.
7) Report. Communicate your efforts and results according to the compliance strategy you chose in step 2 or integrate the results in your current ESG-report. Reach out to all stakeholders involved in step 2 and get their feedback.
8) Review. Set-up a periodic review board. Make sure it is composed of in-house professionals and external academic, NGO expertise, and worker unions. Review performance evidence quarterly to identify patterns and explore possible solutions
Assigning non-financial reporting to the CFO
Now that we have a number of guidelines on how to implement non-financial policies and reporting in your organization, the next question would be: ‘who should be in charge?’ For a number of reasons, the answer to that question is unequivocal:
- Non-financial reporting may not be financial reporting, but it is reporting. Consequently, the person in charge should know how to deal with data gathering, reporting processes, reporting systems, compliance and auditing.
- Non-financial reporting is closely tied to risk management. The person in charge should have strong knowledge of enterprise risk management.
- Non-financial reporting has implications for the firm’s strategy and vice versa, the person responsible should have a role in which she can influence decisions on both fronts.
For all these reasons, I propose to hand final responsibility for non-financial reporting to the Chief Financial Officer. Ioannis Ioannou, of London Business School, who has published widely on corporate strategy in relation to ESG-topics, tends to agree in an article in The Guardian:
There are important implications in terms of organisational design and structure. How separate should the strategy and sustainability functions be within a corporation? What should the relationship between the CFO and the Chief Sustainability Officer (CSO) be? Current corporate mindsets consider CSSR [corporate sustainability and social responsibility] issues as peripheral or at best, as separate issues, and therefore there is a clear distinction between strategy and CSSR functions. This is an artificial and dangerous segregation. In fact, for a company that truly understands what strategy will look like in the age of sustainability, the CFO and the CSO should be the best of friends, or even, the same person.
This last installment summarized the main takeaways from previous posts in the series ‘What Every Manager Should Know About’ that focused on non-financial reporting. These takeaways should give you an advantage in implementing both regulatory reporting and voluntary reporting. I covered a number of ESG-topics in relation to non-financial reporting and concluded that 1) non-financial reporting should be tied to risk management; 2) involvement of stakeholders is key; 3) you should use existing guidelines, certification schemes and overarching (inter)national policy goals; and 4) a step-by-step implementation plan for each of your ESG-priorities is needed. In addition, I argued that non-financial reporting should be the responsibility of the C-suite: if not the CFO, then a CSO (Chief Sustainability Officer) that works closely together with experts in governance, compliance, risk and reporting that resort under the CFO. What I failed to discuss is the difference in actual frameworks that structure your overall non-financial report. Again, there is an abundance of frameworks available – e.g. GRI, IIRC, ISO 26000, CDP, SASB – and I hope to give an overview of their respective uses in a future blog entry.